Secure IT – PKI, Certificates, and What Breaks When Trust Fails, E22
Download MP3Public Key Infrastructure (PKI) underpins nearly every secure interaction in modern IT, but it's also one of the most misunderstood and overlooked foundations of security.
In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails.
They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum.
Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack.
Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust.
Topics covered:
- What PKI is and why most organizations already depend on it
- Certificates, passwordless authentication, and digital identity
- How PKI misconfigurations enable high-impact attacks
- Why recovery is the weakest form of resilience
- The hidden operational and security risks of foundational systems
In this episode of Secure IT, host Jason Kikta is joined by Mark Cooper, CEO and founder of PKI Solutions, to unpack why PKI is so critical to identity, authentication, and trust, and what happens when it fails.
They explore how certificates enable passwordless authentication, secure TLS connections, IoT devices, endpoints, and enterprise systems, while also examining why misconfigured or poorly monitored PKI environments often become an attacker's fastest path to privilege escalation. From certificate expirations and operational outages to real-world breach scenarios and pen test failures, this conversation maps the full PKI risk spectrum.
Jason and Mark also challenge a common assumption in cybersecurity: that recovery equals resilience. Instead, they argue that true resilience means staying secure and operational, even during misconfiguration, failure, or attack.
Whether you're new to PKI or responsible for running it, this episode will change how you think about identity infrastructure, resilience, and trust.
Topics covered:
- What PKI is and why most organizations already depend on it
- Certificates, passwordless authentication, and digital identity
- How PKI misconfigurations enable high-impact attacks
- Why recovery is the weakest form of resilience
- The hidden operational and security risks of foundational systems
Creators and Guests
Host
Jason Kikta
Jason Kikta is a fortress of knowledge in cybersecurity, bringing over two decades of frontline experience to the CISO IT podcast. His tenure at US Cyber Command isn't just a credential — it's a cornerstone of his expertise, providing a unique lens through which he views security threats and applies the best ways to prevent or remediate them. At Automox, Jason bridges the gap between good IT and robust security, sharing cutting-edge trends, tips, and expert advice based on the credo good security comes from good IT. His episodes are essential listening for IT professionals aiming to fortify their defenses and stay ahead in the ever-evolving cybersecurity battlefield.
